Am-101 Firmware Security Vulnerabilities and Issues — Am-101 Firmware CVE List

Lucene search

CrestronAm-101 Firmware

3 matches found

CVE•added 2019/04/30 9:29 p.m.•60 views

CVE-2019-3938

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, and other configuration options in the file generated via the "export configuration" feature. The configuration file is encrypted using the awenc binary. The same binary can be used to decrypt any co...

7.8CVSS7.6AI score0.00025EPSS

CVE•added 2019/04/30 9:29 p.m.•39 views

CVE-2019-3936

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 is vulnerable to denial of service via a crafted request to TCP port 389. The request will force the slideshow to transition into a "stopped" state. A remote, unauthenticated attacker can use this vulnerability to stop an active...

7.5CVSS7.3AI score0.01822EPSS

CVE•added 2019/04/30 9:29 p.m.•39 views

CVE-2019-3937

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, slideshow passcode, and other configuration options in cleartext in the file /tmp/scfgdndf. A local attacker can use this vulnerability to recover sensitive data.

7.8CVSS7.4AI score0.00023EPSS